Total CVEs: 141,292
Critical Severity: 3,799
High Severity: 13,738
Last 7 Days: 1,859
Showing Year: 2026 (January 1 - December 31, 2026)
Showing 8,621 - 8,640 of 13,828 CVEs
CVE-2026-3079 MEDIUM - 6.5

The LearnDash LMS plugin for WordPress is vulnerable to blind time-based SQL Injection via the 'filters[orderby_order]' parameter in the 'learndash_propanel_template' AJAX action in all versions up to, and including, 5.0.3. This is due to insufficient escaping on the user supplie...

Published: Mar 24, 2026
Source: NVD
CVE-2026-33290 MEDIUM - 4.3

WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.10.0, an authorization flaw in updateComment allows an authenticated low-privileged user (including a custom role with zero capabilities) to change moderation status of their own comment (for example to APPROVE) without the mod...

Vendor: wp-graphql
Product: wp-graphql
Published: Mar 24, 2026
Source: NVD
CVE-2026-4614 MEDIUM - 6.3

A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This manipulation of the argument subject_code causes sql injection. The attack is possible to be carried...

Published: Mar 24, 2026
Source: NVD
CVE-2026-4056 MEDIUM - 5.4

The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions 5.0.1 through 5.1.4. This is due to the `check_permissions()` method only checking for `edit_pos...

Published: Mar 24, 2026
Source: NVD
CVE-2026-4066 MEDIUM - 4.3

The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relational_posts_search() function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and abo...

Published: Mar 23, 2026
Source: NVD
CVE-2026-3225 MEDIUM - 4.3

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer() function of the EditQuestionAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catch_l...

Published: Mar 23, 2026
Source: NVD
CVE-2026-2412 MEDIUM - 6.5

The Quiz and Survey Master (QSM) plugin for WordPress is vulnerable to SQL Injection via the 'merged_question' parameter in all versions up to, and including, 10.3.5. This is due to insufficient sanitization of user-supplied input before being used in a SQL query. The sanitize_text_field()...

Published: Mar 23, 2026
Source: NVD
CVE-2026-32279 MEDIUM - 6.8

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, a Server-Side Request Forgery (SSRF) issue exists in the external page migration feature of the Page Management Plugin. Versions 1.41.1 and ...

Vendor: opensource-workshop
Product: connect-cms
Published: Mar 23, 2026
Source: NVD
CVE-2026-29111 MEDIUM - 5.5

systemd, a system and service manager (running as PID 1), hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting with attacker-controlled content. From version v250 and newer this is...

Vendor: systemd
Product: systemd
Published: Mar 23, 2026
Source: NVD
CVE-2026-27646 MEDIUM - 5.3

OpenClaw versions prior to 2026.3.7 contain a sandbox escape vulnerability in the /acp spawn command that allows authorized sandboxed sessions to initialize host-side ACP runtime. Attackers can bypass sandbox restrictions by invoking the /acp spawn slash-command to cross from sandboxed chat context ...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 23, 2026
Source: NVD
CVE-2026-27183 MEDIUM - 4.5

OpenClaw versions prior to 2026.3.7 contain a shell approval gating bypass vulnerability in system.run dispatch-wrapper handling that allows attackers to skip shell wrapper approval requirements. The approval classifier and execution planner apply different depth-boundary rules, permitting exactly f...

Vendor: OpenClaw
Product: OpenClaw
Published: Mar 23, 2026
Source: NVD
CVE-2026-1940 MEDIUM - 5.1

An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added a size validation check lsize + 8 > size, but it does not account for the GST_ROUND_UP_2(lsize) used in the actual offset calculation. When lsize is an odd number, the parser a...

Published: Mar 23, 2026
Source: NVD
CVE-2025-60948 MEDIUM - 4.6

Census CSWeb 8.0.1 allows stored cross-site scripting in user-supplied fields. A remote, authenticated attacker could store malicious JavaScript that executes in a victim's browser. Fixed in 8.1.0 alpha.

Vendor: Census
Product: CSWeb
Published: Mar 23, 2026
Source: NVD
CVE-2026-33486 MEDIUM - 6.8

Roadiz is a polymorphic content management system based on a node system that can handle many types of services. A vulnerability in roadiz/documents prior to versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 allows an authenticated attacker to read any file on the server's local file system that the w...

Vendor: composer
Product: roadiz/documents
Published: Mar 23, 2026
Source: GitHub
CVE-2026-33202 MEDIUM - 9.1

Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#delete_prefixed` passes blob keys directly to `Dir.glob` without escaping glob metacharacters. If a blob key contains attacker-contro...

Vendor: rubygems
Product: activestorage
Published: Mar 23, 2026
Source: GitHub
CVE-2026-4597 MEDIUM - 6.3

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyProvider.java of the component Stream Proxy Query Handler. The manipulation results in sql injection. T...

Published: Mar 23, 2026
Source: NVD
CVE-2026-23488 MEDIUM - 5.3

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the /api/v1/comment/create endpoint has an unauthorized access vulnerability, allowing attackers to post comments on any note (including private notes) without authorization, even if the note has not been publicly shared. The ...

Vendor: blinkospace
Product: blinko
Published: Mar 23, 2026
Source: NVD
CVE-2026-23487 MEDIUM - 6.5

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, there is an IDOR vulnerability where the user.detail endpoint leaks the superadmin token. This issue has been patched in version 1.8.4.

Vendor: blinkospace
Product: blinko
Published: Mar 23, 2026
Source: NVD
CVE-2026-23486 MEDIUM - 5.3

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, a publicly accessible endpoint exposes all user information, including usernames, roles, and account creation dates. This issue has been patched in version 1.8.4.

Vendor: blinkospace
Product: blinko
Published: Mar 23, 2026
Source: NVD
CVE-2026-23485 MEDIUM - 5.3

Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the filePath parameter accepts path traversal sequences, allowing enumeration of file existence on the server via different error responses. This issue has been patched in version 1.8.4.

Vendor: blinkospace
Product: blinko
Published: Mar 23, 2026
Source: NVD